Multiple Vendor Telnetd Buffer Overflow Vulnerability

Solution:
Vendor-supplied patches and updates that rectify this issue are available.

Cisco has released fixes for vulnerable versions of CatOS running on Catalyst devices.

Gentoo has released updated packages to address this issue. Please see the referenced Gentoo advisory (GLSA 200410-03) for more information. Gentoo users may carry out the following commands to update their computers:

emerge sync
emerge -pv ">=net-misc/netkit-telnetd-0.17-r4"
emerge ">=net-misc/netkit-telnetd-0.17-r4"

Additional upgrades are available.


IBM AIX 5.1
  • IBM IY22021


MIT Kerberos 5 1.1.1

HP HP-UX 10.20

HP HP-UX 10.24

Cisco VPN 3000 Concentrator 3.0

Cisco VPN 3000 Concentrator 3.0.3 (B)

Cisco VPN 3000 Concentrator 3.0.3 (A)

BSDI BSD/OS 4.2

FreeBSD FreeBSD 4.3 -RELEASE

IBM AIX 4.3.2
  • IBM IY22029


SCO Open Server 5.0.5

SCO Open Server 5.0.6

Cisco Catalyst 6000 6.1 (1b)
  • Cisco Catalyst Release 6.3(4)
    Upgrade for Catalyst 4000, 5000, 6000 Release 6 code base.


Cisco Catalyst 5000 6.1 (3)
  • Cisco Catalyst Release 6.3(4)
    Upgrade for Catalyst 4000, 5000, 6000 Release 6 code base.


Cisco Catalyst 6000 6.1 (1a)
  • Cisco Catalyst Release 6.3(4)
    Upgrade for Catalyst 4000, 5000, 6000 Release 6 code base.


Cisco Catalyst 5000 6.1 (1)
  • Cisco Catalyst Release 6.3(4)
    Upgrade for Catalyst 4000, 5000, 6000 Release 6 code base.


Cisco Catalyst 6000 6.1 (1)
  • Cisco Catalyst Release 6.3(4)
    Upgrade for Catalyst 4000, 5000, 6000 Release 6 code base.


Cisco Catalyst 6000 6.2 (0.110)
  • Cisco Catalyst Release 6.3(4)
    Upgrade for Catalyst 4000, 5000, 6000 Release 6 code base.


Cisco Catalyst 6000 6.3 (0.7)PAN
  • Cisco Catalyst Release 6.3(4)
    Upgrade for Catalyst 4000, 5000, 6000 Release 6 code base.


SGI IRIX 6.5.1

SGI IRIX 6.5.3

SGI IRIX 6.5.4

SGI IRIX 6.5.8

Cisco Catalyst 4000 7.1
  • Cisco Catalyst Release 7.1(2)
    Upgrade for Catalyst Release 4000, 6000 Release 7 code base. Will be available on OCC on Feb 4/2002.


Cisco Catalyst 6000 7.1
  • Cisco Catalyst Release 7.1(2)
    Upgrade for Catalyst Release 4000, 6000 Release 7 code base. Will be available on OCC on Feb 4/2002.



 

Privacy Statement
Copyright 2010, SecurityFocus